Systematic performance, and Security evaluation of .NET models for accessing database

Authors

  • Atta Ullah Department of Computer Software Engineering, University of Engineering and Technology, Peshawar, Khyber Pakhtunkhwa, Pakistan
  • Muhammad Usman Department of Computer Software Engineering, University of Engineering and Technology, Mardan, Khyber Pakhtunkhwa, Pakistan
  • Muhammad F. Abrar Department of Computer Software Engineering, University of Engineering and Technology, Mardan, Khyber Pakhtunkhwa, Pakistan
  • Najeeb Ullah Department of Computer Software Engineering, University of Engineering and Technology, Mardan, Khyber Pakhtunkhwa, Pakistan
  • Ibrar A. Shah Department of Computer Software Engineering, University of Engineering and Technology, Mardan, Khyber Pakhtunkhwa, Pakistan
  • Muhammad F. Nadeem Informatics Complex, H-8, Islamabad, 44000, Pakistan

DOI:

https://doi.org/10.21015/vtse.v9i4.752

Abstract

In .NET, Object Relational Mapping (ORM) is a programming technique used for accessing the database, which has many frameworks, like Entity Framework, LINQ to SQL, NHibernate, Tele rick Open Access, Light Speed. The LINQ to SQL and Entity Framework usability has increased. This is because of the reason that in these two frameworks full CRUD (Create, Read, Update and Delete) operations can be implemented in short time as compared to Transact Queries, which require more time. In case of multiple projects on various models; Transact Query, LINQ to SQL, and Entity Framework, it becomes difficult to decide which model is the best in terms of performance and security. Therefore, in this article, we provide a comprehensive comparison between Entity Framework, LINQ to SQL and Transact Queries in terms of performance and security. For this purpose, we implemented eleven different types of queries on the selected three frameworks. Subsequently, we quantified and evaluated the execution time and memory usage of all the queries. Furthermore, all types of SQL injection attacks have been applied on three separate applications for security evaluation. Our results show that, the Transact Query is more vulnerable to SQL injection attacks as compared to LINQ to SQL and Entity Framework. Our results show that Transact Query outperforms in terms of memory and CPU usage.  Our results also help the practitioner in adopting a framework on the basis of query level performance in terms of memory and CPU usage.

References

Dick, J.R., Kent, K. B. And Libby, J.C (2008) A Quantitative analysis of the .NET common language runtime. Journal of Systems Architecture, 554:679-696 DOI: https://doi.org/10.1016/j.sysarc.2007.11.004

M. H. Lutz and P. A. Laplante (2003) C# and the .NET framework: ready for real time. IEEE Software, vol. 20, no. 1, pp. 74-80, doi: 10.1109/MS.1159034 DOI: https://doi.org/10.1109/MS.2003.1159034

J. Richter (2000) Microsoft .NET Framework Delivers the Platform an Integrated Service-Oriented Web. MSDN Magazine

ROSS MISTRY. Stacia Misner (2014) Introducing Microsoft SQL Server 2014. Washington, Microsoft Press

Dr V.Sivakumar, T.Balachander, Logu, Ramu Jannali (2021) Object Relational Mapping Framework Performance Impact. Turkish Journal of Computer and Mathematics Education, Vol.12 No.7, Pages 2516-2619

Václav Kaczmarczyk, Zdeněk Bradáč, Jakub Arm, Ondřej Baštán, Zuzana Kaczmarczyková (2019) A Simple and effective ADO.NET-based ORM layer. IFAC-PapersOnLine, Volume 52, Pages 228-234, ISSN 2405-8963

Abdulkadir Karachi (2009) Performance Comparison of Managed C# and Delphi Prism in Visual Studio and Unmanaged Delphi and C++ Builder Languages. Journal of Computer Applications, Volume 26-No.1 DOI: https://doi.org/10.5120/3070-4199

Yener, Oguz, Tugce and Adil (2015) Performance Comparison of PHP-ASP Web Applications via Database Queries. In Proceeding of the International Conference on Engineering & MIS, 1-3. 10.1145/2832987.2833054

Atul Mishra (2014) Critical Comparison of PHP and ASP.NET for Web Development. International Journal of Science & Technology Researh, Volume 7

Natela & Merab (2012) Reforming the Trees C# and F# Comparison. IV International Conference of “Problems of Cybernetics and Informatics” (PCI’2012).

Li, Yishan & Manoharan, Sathiamoorthy (2013) A performance comparison of SQL and NoSQL databases. In Proc. 15-19th IEEE Pacific Rim Conference on Communications, Computers, and Signal Processing, 10.1109/PACRIM. 6625441 DOI: https://doi.org/10.1109/PACRIM.2013.6625441

Laaziri, Majida & Benmoussa, Khaoula & Khoulji, Samira & Larbi, Kerkeb &Yamami, Abir (2019). A comparative study of Laravel and symfony PHP frameworks. International Journal of Electrical and Computer Engineering, 9. 704-712.10.11591 /ijece.v9i1. pp 704 712.

Downloads

Published

2021-12-31

How to Cite

Ullah, A., Usman, M., Abrar, M. F., Ullah, N., Shah, I. A., & Nadeem, M. F. (2021). Systematic performance, and Security evaluation of .NET models for accessing database. VFAST Transactions on Software Engineering, 9(4), 18–24. https://doi.org/10.21015/vtse.v9i4.752

Issue

Vol. 9 No. 4 (2021): October-December

Section

Articles

License

Authors who publish with this journal agree to the following terms:

  1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License (CC-By) that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
  2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
  3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).

                                      

This work is licensed under a Creative Commons Attribution  License CC BY